authorValery Febvre <vfebvre at easter-eggs.com>2004-09-20 12:32:21 +0000
committerValery Febvre <vfebvre at easter-eggs.com>2004-09-20 12:32:21 +0000
commit625724902128abb279f741cf52d7cc875ff1b66a (patch)
tree32a48306344ad2edcf49f7df8e3b6505c4e885a3
parentc3ea4a50885ada48f2bd32749ba97022eb600042 (diff)
The remote_providerID parameter of the lasso_login_build_authn_request_msg()
method is now optional. If it is NULL, the providerID of the first provider of login->server is used.
-rw-r--r--lasso/id-ff/login.c44
-rw-r--r--lasso/id-ff/login.h4
2 files changed, 35 insertions, 13 deletions
diff --git a/lasso/id-ff/login.c b/lasso/id-ff/login.c
index a630340b..f0b8cca1 100644
--- a/lasso/id-ff/login.c
+++ b/lasso/id-ff/login.c
@@ -209,7 +209,7 @@ lasso_login_process_response_status_and_assertion(LassoLogin *login) {
status = lasso_node_get_child(LASSO_PROFILE(login)->response,
"Status", lassoSamlProtocolHRef, &err);
if (status == NULL) {
- /* nico : return a code error if status code not found */
+ /* nico : return an error code error if status code not found */
ret = -1;
goto done;
}
@@ -515,17 +515,20 @@ lasso_login_build_artifact_msg(LassoLogin *login,
/**
* lasso_login_build_authn_request_msg:
* @login: a LassoLogin
- * @remote_providerID: the providerID of the identity provider
+ * @remote_providerID: the providerID of the identity provider or NULL
*
- * Builds an authentication request. Depending of the SSO protocol profile of
- * the identity provider (defined in metadata file), the data for the sending of
- * the request are stored in msg_url (GET) or msg_url and msg_body (POST).
+ * Builds an authentication request. Depending of the selected HTTP method,
+ * the data for the sending of the request are stored in msg_url (GET) or
+ * msg_url and msg_body (POST).
*
+ * If remote_providerID is NULL, the providerID of the first provider
+ * of server is used.
+ *
* Return value: 0 on success and a negative value otherwise.
**/
gint
-lasso_login_build_authn_request_msg(LassoLogin *login,
- const gchar *remote_providerID)
+lasso_login_build_authn_request_msg(LassoLogin *login,
+ const gchar *remote_providerID)
{
LassoProvider *provider, *remote_provider;
xmlChar *md_authnRequestsSigned = NULL;
@@ -538,10 +541,14 @@ lasso_login_build_authn_request_msg(LassoLogin *login,
GError *err = NULL;
g_return_val_if_fail(LASSO_IS_LOGIN(login), LASSO_PARAM_ERROR_BAD_TYPE_OR_NULL_OBJ);
- g_return_val_if_fail(remote_providerID != NULL, LASSO_PARAM_ERROR_INVALID_VALUE);
- LASSO_PROFILE(login)->remote_providerID = g_strdup(remote_providerID);
-
+ if (remote_providerID != NULL) {
+ LASSO_PROFILE(login)->remote_providerID = g_strdup(remote_providerID);
+ }
+ else {
+ LASSO_PROFILE(login)->remote_providerID = lasso_server_get_first_providerID(LASSO_PROFILE(login)->server);
+ }
+
provider = LASSO_PROVIDER(LASSO_PROFILE(login)->server);
remote_provider = lasso_server_get_provider_ref(LASSO_PROFILE(login)->server,
LASSO_PROFILE(login)->remote_providerID,
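Review bot: The new `else` branch stores whatever `lasso_server_get_first_providerID()` returns without checking it, so a server with no providers configured would presumably leave `remote_providerID` NULL and hand it to `lasso_server_get_provider_ref()`, a case the removed `g_return_val_if_fail` used to stop. I would add `if (LASSO_PROFILE(login)->remote_providerID == NULL) return LASSO_PARAM_ERROR_INVALID_VALUE;` right after the if/else. Both branches also overwrite any earlier `remote_providerID` without freeing it, and whether the helper returns an owned copy (as `g_strdup` does) is not visible here and deserves a one-line comment. Because the fallback silently decides which identity provider receives the AuthnRequest, the doc comment should also say that callers with more than one provider configured ought to pass the ID explicitly. The function body continues outside the hunk.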
@@ -910,7 +917,7 @@ lasso_login_init_from_authn_request_msg(LassoLogin *login,
default:
break;
}
- /* verify ASSO_PROFILE(login)-request is an AuthnRequest object */
+ /* verify login>-request is an AuthnRequest object */
if ( LASSO_IS_AUTHN_REQUEST(LASSO_PROFILE(login)->request) == FALSE ) {
message(G_LOG_LEVEL_CRITICAL, "Message is not an AuthnRequest\n");
return -1;
@@ -930,6 +937,10 @@ lasso_login_init_from_authn_request_msg(LassoLogin *login,
else if (xmlStrEqual(protocolProfile, lassoLibProtocolProfileBrwsPost)) {
login->protocolProfile = lassoLoginProtocolProfileBrwsPost;
}
+ else {
+ message(G_LOG_LEVEL_CRITICAL, "Unknown ProtocolProfile : %s\n", protocolProfile);
+ return -2;
+ }
xmlFree(protocolProfile);
/* build response */
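Review bot: The added `else` returns before the `xmlFree(protocolProfile);` that follows it, so every request carrying an unrecognised ProtocolProfile leaks that string; put `xmlFree(protocolProfile);` between the `message(...)` call and `return -2;`. `protocolProfile` is taken from the incoming AuthnRequest, so the value logged with `%s` is peer-controlled and may be NULL if the element is absent (how it is fetched is outside the hunk); handling NULL separately and logging a bounded or escaped value would be safer. The bare `-2` would also read better as a named error code like the `LASSO_PARAM_ERROR_*` values used elsewhere in this file.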
@@ -1154,6 +1165,7 @@ gint
lasso_login_process_request_msg(LassoLogin *login,
gchar *request_msg)
{
+/* LassoProvider *remote_provider; */
gint ret = 0;
GError *err = NULL;
@@ -1169,6 +1181,16 @@ lasso_login_process_request_msg(LassoLogin *login,
}
LASSO_PROFILE(login)->request_type = lassoMessageTypeRequest;
+ /* TODO : verify signature */
+/* remote_provider = lasso_server_get_provider_ref(LASSO_PROFILE(login)->server, */
+/* LASSO_PROFILE(login)->remote_providerID, */
+/* NULL); */
+/* ret = lasso_node_verify_x509_signature(LASSO_PROFILE(login)->request, */
+/* remote_provider->ca_certificate); */
+/* if (ret < 0) { */
+/* return ret; */
+/* } */
+
/* get AssertionArtifact */
login->assertionArtifact = lasso_node_get_child_content(LASSO_PROFILE(login)->request,
"AssertionArtifact",
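Review bot: The signature check added here is entirely commented out, so `lasso_login_process_request_msg()` still reads `AssertionArtifact` from a request whose signature has not been verified; the marker should say so explicitly, e.g. `/* FIXME: request signature is NOT verified yet; content is untrusted */` instead of `/* TODO : verify signature */`. When the block is enabled, `remote_provider` needs a NULL check before `remote_provider->ca_certificate` is read, because `lasso_server_get_provider_ref()` is called with a `remote_providerID` that this hunk does not show being set and with a NULL error argument. The commented-out declaration in the previous hunk belongs to the same dead code, and tracking it in an issue rather than in the source would keep the function readable. The function continues past the end of the hunk.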
diff --git a/lasso/id-ff/login.h b/lasso/id-ff/login.h
index a4b00c43..bab3f8e5 100644
--- a/lasso/id-ff/login.h
+++ b/lasso/id-ff/login.h
@@ -87,8 +87,8 @@ LASSO_EXPORT gint lasso_login_build_artifact_msg (LassoLogin
const gchar *reauthenticateOnOrAfter,
lassoHttpMethod http_method);
-LASSO_EXPORT gint lasso_login_build_authn_request_msg (LassoLogin *login,
- const gchar *remote_providerID);
+LASSO_EXPORT gint lasso_login_build_authn_request_msg (LassoLogin *login,
+ const gchar *remote_providerID);
LASSO_EXPORT gint lasso_login_build_authn_response_msg (LassoLogin *login,
gboolean authentication_result,